# Define the building environment language: c matrix: fast_finish: true compiler: - clang - gcc env: matrix: # Test the last version of Python and Ruby together, with some linkers - PYVER=python3.7 RUBYLIBVER=2.5.1 - PYVER=python3.7 RUBYLIBVER=2.5.1 TEST_FLAGS_OVERRIDE=1 - PYVER=python3.7 RUBYLIBVER=2.5.1 LINKER=gold - PYVER=python3.7 RUBYLIBVER=2.5.1 LINKER=bfd # Test several Python versions - PYVER=python2.7 RUBYLIBVER=2.5.1 - PYVER=python3.5 RUBYLIBVER=2.5.1 - PYVER=python3.6 RUBYLIBVER=2.5.1 - PYVER=pypy2.7-6.0 RUBYLIBVER=2.5.1 - PYVER=pypy3.5-6.0 RUBYLIBVER=2.5.1 # Test several Ruby versions - PYVER=python3.7 RUBYLIBVER=2.4 - PYVER=python3.7 RUBYLIBVER=2.3 - PYVER=python3.7 RUBYLIBVER=2.2 matrix: exclude: - compiler: clang env: PYVER=python3.7 RUBYLIBVER=2.5.1 LINKER=gold - compiler: clang env: PYVER=python3.7 RUBYLIBVER=2.5.1 LINKER=bfd # Use Travis-CI Ubuntu 16.04 Xenial Xerus infrastructure, "full image" variant sudo: required dist: xenial # Install SELinux userspace utilities dependencies addons: apt: packages: - bison - flex - gawk - gettext - libaudit-dev - libbz2-dev - libcap-dev - libcap-ng-dev # This package is not whitelisted for the container infrastructure (https://github.com/travis-ci/apt-package-whitelist/issues/1096) - libcunit1-dev - libdbus-glib-1-dev - libncurses5-dev - libpcre3-dev - patch - python3-dev - python-dev - swig - xmlto install: # Download and install refpolicy headers for sepolgen tests - curl --location --retry 10 -o "$TRAVIS_BUILD_DIR/refpolicy.tar.bz2" https://github.com/SELinuxProject/refpolicy/releases/download/RELEASE_2_20180701/refpolicy-2.20180701.tar.bz2 - tar -C "$TRAVIS_BUILD_DIR" -xvjf "$TRAVIS_BUILD_DIR/refpolicy.tar.bz2" # Make refpolicy Makefile use the new toolchain when building modules - sed -e "s,^PREFIX :=.*,PREFIX := \$(DESTDIR)/usr," -i "$TRAVIS_BUILD_DIR/refpolicy/support/Makefile.devel" - sudo make -C "$TRAVIS_BUILD_DIR/refpolicy" install-headers - sudo rm -rf "$TRAVIS_BUILD_DIR/refpolicy.tar.bz2" "$TRAVIS_BUILD_DIR/refpolicy" - sudo mkdir -p /etc/selinux - echo 'SELINUXTYPE=refpolicy' | sudo tee /etc/selinux/config - echo 'SELINUX_DEVEL_PATH = /usr/share/selinux/refpolicy' | sudo tee /etc/selinux/sepolgen.conf # Make sepolgen tests work without really installing anything in the real root (doing this would conflict with Ubuntu packages) - sed -e "s,\"\(/usr/bin/[cs]\),\"$TRAVIS_BUILD_DIR/installdir\1," -i python/sepolgen/src/sepolgen/module.py # Download the required python version if it is not installed - VIRTUAL_ENV="$HOME/virtualenv/$PYVER" - if ! [ -d "$VIRTUAL_ENV" ] ; then curl --retry 10 -o python.tar.bz2 "https://s3.amazonaws.com/travis-python-archives/binaries/ubuntu/16.04/x86_64/${PYVER/python/python-}.tar.bz2" && sudo tar xjf python.tar.bz2 --directory / && rm python.tar.bz2 ; fi # Install flake8 for the given python version - $VIRTUAL_ENV/bin/pip install flake8 before_script: # Build and install in a temporary directory to run tests - export DESTDIR="$TRAVIS_BUILD_DIR/installdir" # Configure the variables for Python parts - export VIRTUAL_ENV="$HOME/virtualenv/$PYVER" - export PYTHON="$VIRTUAL_ENV/bin/python" # Use the header files in /opt/python/... for Python because the virtualenvs do not provide Python.h - export PKG_CONFIG_PATH="/opt/python/$($PYTHON -c 'import sys;print("%d.%d.%d" % sys.version_info[:3])')/lib/pkgconfig" # PyPy does not provide a config file for pkg-config # libpypy-c.so is provided in bin/libpypy-c.so for PyPy and bin/libpypy3-c.so for PyPy3 - if echo "$PYVER" | grep -q pypy ; then export PYINC=-I$($PYTHON -c 'import sys;print(sys.prefix)')/include ; export PYLIBS="$($PYTHON -c 'import sys;print("-L%s/bin -l%s" % (sys.prefix, "pypy-c" if sys.version_info < (3,) else "pypy3-c"))')" ; fi # Find the Ruby executable with version $RUBYLIBVER - rvm reinstall ruby-$RUBYLIBVER --binary - export RUBY="$(ls -d -1 "$HOME/.rvm/rubies/ruby-$RUBYLIBVER"*/bin/ruby | head -n 1)" # Set the linker in $CC so that it gets used everywhere - if [ -n "$LINKER" ]; then CC="$CC -fuse-ld=$LINKER" ; fi # Show variables and versions (to help debugging) - echo "$CC" ; $CC --version - echo "$PYTHON" ; $PYTHON --version - echo "$RUBY" ; $RUBY --version # If TEST_FLAGS_OVERRIDE is defined, test that overriding CFLAGS, LDFLAGS and other variables works fine - if [ -n "$TEST_FLAGS_OVERRIDE" ]; then EXPLICIT_MAKE_VARS="CFLAGS=-I$DESTDIR/usr/include LDFLAGS=-L$DESTDIR/usr/lib LDLIBS= CPPFLAGS=" ; fi script: # Start by installing everything into $DESTDIR - make install $EXPLICIT_MAKE_VARS -k - make install-pywrap $EXPLICIT_MAKE_VARS -k - make install-rubywrap $EXPLICIT_MAKE_VARS -k # Now that everything is installed, run "make all" to build everything which may have not been built - make all $EXPLICIT_MAKE_VARS -k # Set up environment variables for the tests - export LD_LIBRARY_PATH="$DESTDIR/usr/lib:$DESTDIR/lib" - export PATH="$DESTDIR/usr/sbin:$DESTDIR/usr/bin:$DESTDIR/sbin:$DESTDIR/bin:$PATH" - export PYTHONPATH="$DESTDIR$($PYTHON -c "from distutils.sysconfig import *;print(get_python_lib(prefix='/usr'))")" - export RUBYLIB="$DESTDIR/$($RUBY -e 'puts RbConfig::CONFIG["vendorlibdir"]'):$DESTDIR/$($RUBY -e 'puts RbConfig::CONFIG["vendorarchdir"]')" # Show variables (to help debugging issues) - echo "$LD_LIBRARY_PATH" - echo "$PATH" - echo "$PYTHONPATH" - echo "$RUBYLIB" # Run tests - make test $EXPLICIT_MAKE_VARS # Test Python and Ruby wrappers - $PYTHON -c 'import selinux;import selinux.audit2why;import semanage;print(selinux.is_selinux_enabled())' - $RUBY -e 'require "selinux";require "semanage";puts Selinux::is_selinux_enabled()' # Run Python linter - PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8 # Remove every installed files - rm -rf "$DESTDIR" # Test that "git status" looks clean, or print a clear error message - |- git status --short | sed -n 's/^??/error: missing .gitignore entry for/p' | (! grep '^') # Clean up everything and show which file would be added to "make clean" - make clean distclean $EXPLICIT_MAKE_VARS - |- git ls-files --ignored --others --exclude-standard | sed 's/^/error: "make clean distclean" did not remove /' | (! grep '^') # Do not spam by email so long as the build succeeds notifications: email: on_success: never